Latest in Gear

Image credit: AP Photo/Kamran Jebreili

Microsoft: Iranian cyberattack targeted a US presidential campaign

Phosphorous also pursued officials, journalists and expatriates.
157 Shares
Share
Tweet
Share

Sponsored Links

AP Photo/Kamran Jebreili

Iran has apparently been engaged in a large-scale cyberattack bent on compromising American politics. Microsoft reported that Phosphorous, a known group it believes is linked to the Iranian government, attacked 241 email accounts in a 30-day period between August and September, including those for a US presidential campaign as well as current and former US officials, journalists covering world politics as well as "prominent" expatriate Iranians. Four of these accounts were compromised, though this didn't include the presidential run or any officials.

The intruders "were not technically sophisticated," Microsoft said, but they were determined. They conducted extensive research of personal info to identify accounts and potentially fool account recovery systems, sometimes obtaining phone numbers used for two-factor authentication. There were over 2,700 attempts to identify accounts over the roughly month-long stretch. Phosphorous frequently used spear phishing in hopes it might trick users into providing login details through fake web forms.

Microsoft said it had notified Phosphorous' targets, and was helping compromised users secure their accounts. It also recommended that political figures use its AccountGuard program to get advanced monitoring and threat alerts.

Iran hasn't acknowledged its involvement in the attacks. However, they wouldn't be surprising in light of escalating tensions between the US and Iran that have included digital warfare. Iran has also been accused of conducting a Russia-like disinformation campaign meant to skew American politics ahead of the 2020 presidential election. If Iran is involved, this would mainly represent one of the most overt attacks to date.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
157 Shares
Share
Tweet
Share

Popular on Engadget

NASA picks space tourism outfit for its first commercial ISS module

NASA picks space tourism outfit for its first commercial ISS module

View
Billie Eilish proved anyone can access Grammy-winning gear

Billie Eilish proved anyone can access Grammy-winning gear

View
Intel is patching its Zombieload CPU security flaw for the third time

Intel is patching its Zombieload CPU security flaw for the third time

View
Atari-themed gaming hotels are coming to eight US cities

Atari-themed gaming hotels are coming to eight US cities

View
The company behind the Eve V laptop is back with crowd-developed monitors

The company behind the Eve V laptop is back with crowd-developed monitors

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr